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Abstract 

A grammar logic refers to an extension to the multi-modal logic K in which the modal 
axioms are generated from a formal grammar. We consider a proof theory, in nested 
sequent calculus, of grammar logics with converse, i.e., every modal operator [a] comes 
with a converse Extending previous works on nested sequent systems for tense 

logics, we show all grammar logics (with or without converse) can be formalised in 
nested sequent calculi, where the axioms are internalised in the calculi as structural 
rules. Syntactic cut-elimination for these calculi is proved using a procedure similar 
to that for display logics. If the grammar is context-free, then one can get rid of 
all structural rules, in favor of deep inference and additional propagation rules. We 
give a novel semi-decision procedure for context-free grammar logics, using nested 
sequent calculus with deep inference, and show that, in the case where the given 
context-free grammar is regular, this procedure terminates. Unlike all other existing 
decision procedures for regular grammar logics in the literature, our procedure does 
not assume that a finite state automaton encoding the axioms is given. 

Keywords: Nested sequent calculus, display calculus, modal logics, deep inference. 

1 Introduction 

A grammar logic refers to an extension of the multi-modal logic K in which 
the modal axioms are generated from a formal grammar. Thus given a set E 
of indices, and a grammar production rule as shown below left, where each 
and bj are in S, we extend K with the multi-modal axiom shown below right: 

aia2 ■ ■ ■ ai ^ bib2 ■ ■ ■ br [ai] [02] • • • [ai]A D [bi] [62] • • • [br]A 

The logic is a context-free grammar logic if Z = 1 and furthermore, is a right 
linear grammar logic if the production rules also define a right linear grammar. 
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The logic is a regular grammar logic if the set of words generated from each 
a G E using the grammar production rules is a regular language. A right linear 
grammar logic is also a regular grammar logic since a right linear grammar 
can be converted to a finite automaton in polynomial time. Adding "converse" 
gives us alphabet symbols like a which correspond to the converse modality [a] 
and lead to multi-modal extensions of tense logic Kt where each modality [a] 
and its converse [a] obey the interaction axioms A D [a]{a)A and A D [a] (a) A. 

Display calculi [3] can handle grammar logics with converse since they all 
fall into the primitive fragment identified by Kracht [21]. Display calculi all 
enjoy Belnap's general cut-elimination theorem, but it is well-known that they 
are not suitable for proof-search. Our work is motivated by the problem of au- 
tomating proof search for display calculus. As in our previous work [12,13,14], 
we have chosen to work not directly in display calculus, but in a slightly dif- 
ferent calculus based on nested sequents [19,5], which we call shallow nested 
sequent calculi. The syntactic constructs of nested sequents are closer to tra- 
ditional sequent calculu, so as to allow us to use familiar notions in sequent 
calculus proof search procedures, such as the notions of saturation and loop 
checking, to automate proof search. A common feature of shallow nested se- 
quent calculus and display calculus is the use display postulates and other 
complex structural rules. These structural rules are the main obstacle to ef- 
fective proof search, and our (proof theoretic) methodology for designing proof 
search calculi is guided by the problem of eliminating these structural rules en- 
tirely. We show here how our methodology can be used to derive proof search 
calculi for context-free grammar logics. 

The general satisfiability problem for a grammar logic is to decide the satis- 
fiability of a given formula when given a set of production rules or when given 
an explicit finite state automaton (FSA) for the underlying grammar. 

Nguyen and Szalas [23] give an excellent summary of what is known about 
this problem, as outlined next. Grammar logics were introduced by del Cerro 
and Penttonen [7]. Baldoni et al [2] used prefixed tableaux to show that this 
problem is decidable for right linear logics but is undecidable for context free 
grammar logics. Demri [8] used an embedding into prepositional dynamic logic 
with converse to prove this problem is EXPTIME-complcte for right linear log- 
ics. Demri and de Nivelle [9] gave an embedding of the satisfiability problem 
for regular grammar logics into the two- variable guarded fragment of first-order 
logic and showed that satisfiability of regular grammar logics with converse is 
also EXPTIME-complete. Seen as description logics with inverse roles and 
complex role inclusions, decision procedures for regular grammar logics have 
also been studied extensively by Horrocks, et. al., see, e.g., [18,17,20]. Gore 
and Nguyen [11] gave an EXPTIME tableau decision procedure for the satisfi- 
ability of regular grammar logics using formulae labelled with automata states. 
Finally, Nguyen and Szalas [22,23] gave an extension of this method to handle 
converse by using the cut rule. In an unpublished manuscript, Nguyen has 
shown how to use the techniques of Gore and Widmann [16] to avoid the use 
of the cut rule. But as far as we know, there is no comprehensive sequent- 
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style proof theory for grammar logics with converse which enjoys a syntactic 
cut-elimination theorem and which is amenable to proof-search. 

We consider a proof theory, in nested sequent calculus, of grammar logics 
with converse, i.e., every modal operator [a] comes with a converse [a] ^. Ex- 
tending previous works on nested sequent systems for (bi-)modal logics [12,14], 
we show, in Section 3, that all grammar logics (with or without converse) can 
be formalised in (shallow) nested sequent calculi, where the axioms are inter- 
nalised in the calculi as structural rules. Syntactic cut-elimination for these 
calculi is proved using a procedure similar to that for display logics. We then 
show, in Section 4, that if the grammar is context-free, then one can get rid of 
all structural rules, in favor of deep inference and additional propagation rules. 

We then recast the problem of deciding grammar logics for the specific cases 
where the grammars are regular, using nested sequent calculus with deep in- 
ference. We first give, in Section 6.1, a decision procedure in the case where 
the regular grammar is given in the form of a FSA. This procedure is simi- 
lar to existing tableaux-based decision procedures [17,22,23], where the states 
and transitions of the FSA is incorporated into proof rules for propagation of 
diamond-formulae. This procedure serves as a stepping stone to defining the 
more general decision procedure which does not depend on an explicit repre- 
sentation of axioms as a FSA in Section 6.2. The procedure in Section 6.2 is 
actually a semi-decision procedure that works on any finite set of context-free 
grammar axioms. However, we show that, in the case where the given grammar 
is regular, this procedure terminates. The procedure avoids the requirement to 
provide a FSA for the given axioms. This is significantly different from existing 
decision procedures for regular grammar logics [9,11,23,22], where it is assumed 
that a FSA encoding the axioms of the logics is given. 

In this work, we follow Demri and de Nivelle's presentation of grammar ax- 
ioms as a semi-Thue system [9] . The problem of deciding whether a context-free 
semi-Thue system is regular or not appears to be still open; see [20] for a discus- 
sion on this matter. Termination of our generic procedure for regular grammar 
logics of course does not imply solvability of this problem as it is dependent on 
the assumption that the given grammar is regular (see Theorem 6.11). 

2 Grammar logics 

The language of a multi-modal logic is defined w.r.t. to an alphabet S, used 
to index the modal operators. We use a, b and c, possibly with subscripts, for 
elements of S and use u and v, for elements of E*, the set of finite strings over E. 
We use e for the empty string. We define an operation 7 (converse) on alphabets 
to capture converse modalities following Demri [9]. The converse operation 
satisfies a = a. We assume that S can be partitioned into two distinct sets E"'' 
and E~ such that a G E+ iff a S E~. The converse operation is extended to 
strings in E* as follows: if u = 0102 . . . then u = a„a„_i . . . a2ai, where 
n > 0. Note that if w = e then u ~ e. 

We assume a given denumerable set of atomic formulae, ranged over by p. 
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q, and r. The language of formulae is given by the following, where a G E: 

A p I -.A I A V A I A A A I [a]A \ (a) A 

Given a formula A, we write A^ for the negation normal form (nnf) of -^A. 
Implication A D B is defined as -^A V B. 

Definition 2.1 A Yi-frame is a pair {W,R) of a non-empty set of worlds and 
a set of binary relations {i?a}aGS over W satisfying, for every a G E, i?a = 
{{x,y) I i?a(?/,2:)}- A valuation V is a, mapping from prepositional variables to 
sets of worlds. A model 9Jt is a triple (VF, i?, V) where {W, R) is a frame and V 
is a valuation. The relation |= is defined inductively as follows: 

• 2)t,x Hp iff a; e V{p). 

• dR,xY-^AiEm,x^ A. 

• OT, X h ^ A B iff X ^ A and 9JI, x h -B- 

• m,x[^ Ay B iSm.x^ AoT mi,x^ B. 

• For every a G E, 9Jt, x |= [a]A iff for every j/ such that Ra{x, y), dJl, y \= A. 

• For every a G E, 9JT, x \= (a) A iff there exists y such that Ra{x, y), 971, y ^ A. 

A formula A is satisfiable iff there exists a E-model 2Jl = {W, R, V) and a world 
X €W such that 971, a; ^ A. 

We now define a class of multi-modal logics, given E, that is induced by 
production rules for strings from E*. We follow the framework in [9], using 
semi-Thue systems to define the logics. A production rule is a binary relation 
over strings in E*, interpreted as a rewrite rule on strings. We use the notation 
u — >■ w to denote a production rule which rewrites u to v. A semi-Thue system 
is a set 5* of production rules. It is closed if w — >^ w G 5* implies it — > u G 5. 

Given a E-frame (W, R), we define another family of accessibility relations 
indexed by E* as follows: i?^ — {{x, x) G .t G W} and for every u G E* and for 
every a G E, Rua — {{xtV) I {x,z) G G Ra, for some z G W}. 

Definition 2.2 Let m ^ ?; be a production rule and let = {W, R) be a E- 
frame. J- is said to satisfy u ^ v if Ry C_ satisfies a semi-Thue system 

S if it satisfies every production rule in S. 

Definition 2.3 Let 5* be a semi-Thue system. A formula A is said to be 
S-satisfiable iff there is a model 9H = {W, R, V) such that {W, R) satisfies S 
and 971, x \= A for some x ^ W. A is said to be S -valid if for every E-model 
971 = {W, R, V) that satisfies S, we have 971, a; |= ^ for every x €W. 

Given a string u = aia2...a„ and a formula A, we write {u)A for the 
formula (ai)(a2) • • • {o.n)A. The notation [u\A is defined analogously. If u = e 
then {u)A = [u]A = A. 

Definition 2.4 Let S" be a closed semi-Thue system over an alphabet E. The 
system Km(S') is an extension of the standard Hilbert system for multi-modal 
Km (see, e.g., [4]) with the following axioms: 
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. , T,A A,A-^ r,A,A _^ r,(a){A} 

r,p,^p r,A r,A ^ r,A (a){r},A 

T,A T,B T,A,B r, (q){A} r,(a){A,A} 
r,AAB r,AVB r,[a]A ^""^ r,(a){A},(a)A 

Fig. 1. The inference rules of SKm 

• for each a G E, a residuation axiom: A D [a](a)^ 

• and for each, u — > w G S*, an axiom [u\A D [v]A. 

Note that because we assume that S is closed, each axiom [u]A D [v]A has 
an inverted version [u\A D [v]A. 

The following theorem can be proved following a similar soundness and 
completeness proof for Hilbert systems for modal logics (see, e.g., [4]). 

Theorem 2.5 A formula F is S-valid iff F is provable in Km(S'). 

3 Nested sequent calculi with shallow inference 

We now give a sequent calculus for Km(S'), by using the framework of nested 
sequent calculus [19,5,12,14]. We follow the notation used in [19,14], extended 
to the multi-modal case. From this section onwards, we shall be concerned only 
with formulae in nnf, so we can restrict to one-sided sequents. 
A nested sequent is a multiset of the form shown below at left 

^1, . . . , A™, (ai){Ai}, . . . , (a„){A„} Ai V • ■ • V A,„ V [a{\Bi V ■ • • V [a„]B„ 

where each Ai is a formula and each A^ is a nested sequent. The structural 
connective (a){.} is a proxy for the modality [a], so this nested sequent can 
be interpreted as the formula shown above right (modulo associativity and 
commutativity of V), where each Bi is the interpretation of A^. We shall write 
(u){A}, where m = oi • • • a„ G E*, to denote the structure: 

(ai){(«2){---(«„){A}}...}. 

A context is a nested sequent with a 'hole' [ ] in place of a formula: this 
notation should not be confused with the modality [a]. We use r[ ], A[ ], etc. 
for contexts. Given a context r[ ] and a nested sequent A, we write r[A] to 
denote the nested sequent obtained by replacing the hole in r[ ] with A. 

The core inference rules for multi-modal SKm (without axioms) are given 
in Figure 1. The rule r is called a residuation rule (or display postulate) and 
corresponds to the residuation axioms. 

To capture Km(S'), we need to convert each axiom generated from S to an 
inference rule. Each production rule u v gives rise to the axiom [u]A D [v]A, 
or equivalently, {v)A D {u)A. The latter is an instance of the Kracht's primitive 
axioms [21] (generalised to the multimodal case). Thus, we can convert the 
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axiom into a structural rule following Kracht's rule scheme for primitive axioms: 

{u){A},r 

{v){A},T 

Let p{S) be the set of structural rules induced by the semi-Thue system S. 

Definition 3.1 Let S* be a closed semi-Thue system S over an alphabet E. 
SKm(S') is the proof system obtained by extending SKm with p{S). 

We say that two proof systems are equivalent if and only if they prove the 
same set of formulae. 

Theorem 3.2 The system SKm(S') and Km(5) are equivalent. 

The cut-elimination proof for SKm(5') follows a similar generic procedure 
for display calculi [3,21], which has been adapted to nested sequent in [14]. The 
key to cut-elimination is to show that SKm(iS') has the display property. 

Lemma 3.3 Let T[A] be a nested sequent. Then there exists a nested sequent 
V such that T[A] is derivable from the nested sequent F', A, and vice versa, 
using only the residuation rule r. 

Theorem 3.4 Cut elimination holds for SKm(S'). 

Proof. This is a straightforward adaptation of the cut-elimination proof in 
[14] for tense logic. □ 

4 Deep inference calculi 

Although the shallow system SKm(S') enjoys cut-elimination, proof search in 
its cut-free fragment is difficult to automate, due to the presence of structural 
rules. To reduce the non-determinism caused by structural rules, we consider 
next a proof system in which all structural rules (including those induced by 
grammar axioms) can be absorbed into logical rules. As the display property 
in Lemma 3.3 suggests, the residuation rule allows one to essentially apply an 
inference rule to a particular subsequent nested inside a nested sequent, by 
displaying that subsequent to the top and undisplaying it back to its original 
position in the nested sequent. It is therefore quite intuitive that one way to 
get rid of the residuation rule is to allow deep inference rules, that apply deeply 
within any arbitrary context in a nested sequent. 

The deep inference system DKm, which corresponds to SKm, is given in 
Figure 2. As can be readily seen, the residuation rule is absent and contraction 
and weakening are absorbed into logical rules. 

To fully absorb the residuation rule, and other structural rules induced 
by production rules, we need to modify the introduction rules for diamond- 
formulae. Their introduction rules will be dependent on what axioms one 
assumes. We refer to these introduction rules for diamond-formulae as propa- 
gation rules. This will be explained shortly, but first we need to define a couple 
of notions needed to define propagation rules. 
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idd 



r[[a]A, {a){A}] 
T[[a]A] 



T[AAB,A] r[AAB,B] 
r[A A B] 

r[{a){A,A},{a)A] 



Ad 



r[(a){A}, (a) A] 



(at) 



T[A\/B,A,B] 
r[A V B] 

r[(a){A, {a) A}, A] 
r[(a){A, {a) A}] 



(ai) 



Fig. 2. The inference rules of DKm 



Let S he a, closed semi-Thue system over alphabet S. We write u w to 
mean that the string v can be reached from u by applying the production rules 
(as rewrite rules) in S successively to u. Define La{S) — {u \ a Then 
La{S) defines a language generated from S with the start symbol a. 

A nested sequent can be seen as a tree whose nodes are multisets of formulae, 
and whose edges are labeled with elements of E. We assume that each node in 
a nested sequent can be identified uniquely, i.e., we can consider each node as 
labeled with a unique position identifier. An internal node of a nested sequent 
is a node which is not a leaf node. We write T[]i to denote a context in which 
the hole is located in the node at position i in the tree representing r[ ]. This 
generalises to multi-contexts, so Ff ]i[ ]j denotes a two- hole context, one hole 
located at i and the other at j (they can be the same location). From now on, 
we shall often identify a nested sequent with its tree representation, so when 
we speak of a node in F, we mean a node in the tree of F. If i and j are nodes 
in F, we write i j when j is a child node of i and the edge from i to j is 
labeled with a. If z is a node in the tree of F, we write T\i to denote the multiset 
of formula occuring in the node i. Let A and F be nested sequents. Suppose i 
is a node in F. Then we write T{i <^ A) for the nested sequent obtained from 
F by adding A to node i in F. Note that for such an addition to preserve the 
uniqueness of the position identifiers of the resulting tree, we need to rename 
the identifiers in A to avoid clashes. We shall assume implicitly that such a 
renaming is carried out when we perform this addition. 

Definition 4.1 [Propagation automaton.] A propagation automaton is a finite 
state automaton V = (S, Q, I, F, 5) where Q is a finite set of states, / = {s} is 
a singleton set of initial state and F = {t} is a singleton set of final state with 
s,t £ Q, and for every i, j G Q, if « — % j ^ S then j i (£ 6. 

In other words, a propagation automaton is just a finite state automaton 
(FSA) where each transition has a dual transition. 

Definition 4.2 Let A = (S, Q, I, F, d) be a FSA. Let i = ii, . . . , i„ and j = 
ji, . . . , jn be two sequences of states in Q. Let [ii := ji, . . . , i„ := j„] (we shall 
abbreviate this as [i := j]) be a (postfix) mapping from Q to Q that maps im 
to jrm where 1 < m < n, and is the identity map otherwise. This mapping 
is extended to a (postfix) mapping between sets of states as follows: given 
Q' ^ Q, Q'[i ■= j] = {k[i — j] I e Q'}. The automaton A[i ■= j] is the 
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tuple {E,Q[i :=j],I[i ■■=j],F[i ■.= j],6') where 

6' ^{k[i:=j]^l[i:=j]\k^leS}. 

To each nested sequent F, and nodes i and j in F, we associate a propagation 
automaton TZ(r,i, j) as foUows: 

(i) the states of TZ{T,i,j) are the nodes of (the tree of) F; 

(ii) i is the initial state of TZ{r,i,j) and j is its final state; 

(iii) each edge x y in F corresponds to two transitions in TZ{T, x y 
and y — ^ x. 

Note that although propagation automata are defined for nested sequents, 
they can be similarly defined for (multi-)contexts as well, as contexts are just 
sequents containing a special symbol [ ] denoting a hole. So in the following, 
we shall often treat a context as though it is a nested sequent. 

A semi-Thue system S over alphabet S is context-free if its production rules 
are all of the form a ^ u for some a £ E. 

In the following, to simplify presentation, we shall use the same notation to 
refer to an automaton A and the regular language it accepts. Given a context- 
free closed semi-Thue system 5, the propagation rules for S are all the rules of 
the following form where i and j are two (not necessarily distinct) nodes of F: 



r[(a)A].[A],- 

r[{a)A],mj 



PS, provided 7^(F[ ],[ f) La{S) ^ 



Note that the intersection of a regular language and a context-free language is 
a context-free language (see, e.g.. Chapter 3 in [10] for a construction of the 
intersection), and since the emptiness checking for context-free languages is 
decidable [10], the rule ps can be effectively mechanised. 

Definition 4.3 Given a context-free closed semi-Thue system S over an al- 
phabet S, the proof system DKm(S') is obtained by extending DKm with ps- 

We now show that DKm(S') is equivalent to SKm(S'). The proof relies on 
a series of lemmas showing admissibility of all structural rules of SKm(5') in 
DKm(S'). The proof follows the same outline as in the case for tense logic [14]. 
The adaptation of the proof in [14] is quite straightforward, so we shall not 
go into detailed proofs but instead just outline the required lemmas. Some of 
their proofs are outlined in the appendix. In the following lemmas, we shall 
assume that 5 is a closed context-free semi-Thue system over some S. 

Given a derivation Ft, we denote with [n[ the height of 11, i.e., the length 
(i.e., the number of edges) of the longest branch in Ft. A rule p is said to 
be admissible in DKm(iS') if provability of its premise(s) in DKm(S') implies 
provability of its conclusion in DKm(S'). It is height-preserving admissible if 
whenever the premise has a derivation then the conclusion has a derivation of 
the same height, in DKm (5). 

Admissibility of the weakening rule is a consequence of the following lemma. 
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Lemma 4.4 Let W be a derivation of r[0] in DKm(S'). Then there exists a 
derivation H' o/r[A] in DKm(S') such that |n| — |n'|. 

The admissibility proofs of the remaining structural rules all follow the same 
pattern: the most important property to prove is that, if a propagation path 
for a diamond formula exists between two nodes in the premise, then there 
exists a propagation path for the same formula, between the same nodes, in 
the conclusion of the rule. 

Lemma 4.5 The rule r is height-preserving admissible in DKm(S'). 

Admissibility of contraction is proved indirectly by showing that it can be 
replaced by a formula contraction rule and a distributivity rule: 



The rule m is also called a medial rule and is typically used to show admissibility 
of contraction in deep inference [6]. 

Lemma 4.6 The rule ctr is admissible in DKm(S') plus actr and m. 
Lemma 4.7 The rules actr and m are height-preserving admissible in 



Admissibility of contraction then follows immediately. 

Lemma 4.8 The contraction rule ctr is admissible in DKm(S'). 

Lemma 4.9 The structural rules p{S) of SKm(5) are height-preserving ad- 
missible in DKm(S'). 

Theorem 4.10 For every context-free closed semi-Thue system S, the proof 
systems SKm(S') and DKm(S') are equivalent. 

5 Regular grammar logics 

A context free semi-Thue system S over E is regular if for every a G S, the 
language La{S) is a regular language. 

In this section, wc consider logics generated by regular closed semi-Thue 
systems. We assume in this case that the union of the regular languages 
{La{S) I a g S} is represented explicitly as an FSA A with no silent tran- 
sitions. Thus A = (S, Q, I, F, 6) where Q is a finite set of states, / C Q is the 
set of initial states, F C Q is the set of final states, and 5 is the transition 
relation. Given A as above, we write s — >^ t to mean s — > t G 5. We further 
assume that each a e S has a unique initial state inita G /. 

We shall now define an alternative deep inference system given this ex- 
plicit representation of the grammar axioms as an FSA. Following similar 
tableaux systems in the literature that utilise such an automaton represen- 
tation [17,22.23], we use the states of the FSA to index formulae in a nested 
sequent to record stages of a propagation. For this, we first introduce a form 



r[A,A] 

m 



actr 



r[(a){Ai},(a){A,}] 
r[(a){Ai,A2}] 



m 



DKm(5). 
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of labeled formula, written s : A, where s £ Q. The propagation rules corre- 
sponding to A are: 

r[{a)A, inita : A] . r[s : A, {a){s' : A, A}] 



r[{a)A] T[s:A,ia){A}] 



tt, if s s' 



T\s:A,A] r\(a){s: A,A},s' : A] 

r[s : A] ^' " * ^ ^ r[(a){s : A, A}] ^^^^AS. 

Definition 5.1 Let 5 be a regular closed semi-Thue system over S and let A 
be an FSA representing the regular language generated by S and S. DKm(^) 
is the proof system DKm extended with the rules {z, /, tj,, i^} for A. 

It is intuitively clear that DKm(^) and DKm(S') are equivalent, when A 
defines the same language as L{S). Essentially, a propagation rule in DKm(S') 
can be simulated by DKm(^) using one or more propagations of labeled for- 
mulae. The other direction follows from the fact that when a diamond formula 
{a) A is propagated, via the use of labeled formulae, to a labeled formula s : A 
where s is a final state, then there must be a chain of transitions between la- 
beled formulae for A whose string forms an element of A, hence also in La{S). 
One can then propagate directly {a)A in DKm(5). 

Theorem 5.2 Let S be a regular closed semi-Thue system over E and let A be 
a FSA representing the regular language generated by S and S. Then DKm(S') 
and DKm(^) are equivalent. 

6 Decision procedures 

We now show how the proof systems DKm(^) and DKm(5) can be turned 
into decision procedures for regular grammar logics. Our aim is to derive the 
decision procedure for DKm(5') directly without the need to convert S explicitly 
to an automaton; the decision procedure DKm(^) will serve as a stepping stone 
towards this aim. The decision procedure for DKm(S') is a departure from 
all existing decision procedures for regular grammar logics (with or without 
converse) [17,9,11,22,23] that assume that an FSA representing S is given. 

6.1 An automata-based procedure 

The decision procedure for DKm(^) is basically just backward proof search, 
where one tries to saturate each sequent in the tree of sequents until either 
the idd rule is applicable, or a certain stable state is reached. When the latter 
is reached, we show that a counter model to the original nested sequent can 
be constructed. Although we obtain this procedure via a different route, the 
end result is very similar to the tableaux-based decision procedure in [17]. In 
particular, our notion of a stable state (see the definition of ^-stability below) 
used to block proof search is the same as the blocking condition in tableaux 
systems [17,9,11,23,22], which takes advantange of the labeling of formulae with 
the states of the automaton. 

Definition 6.1 [Saturation and realisation] A node z in F is saturated if the 
following hold: 
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Provei{A,r) 

(i) If r = T'[p,^p\, return T. 

(ii) If r is yl-stable, return _L. 

(iii) If r is not saturated: 

(a) If A V B e T\i but A ^ V\i or B i then let V := V{i < {A, B}) 
and return Provei{A.,T'). 

(b) Suppose Ai A A2 G r|i but neither Ai G r|i nor A2 G r|i. Let 
Ti = r(i < {Ai}) and T2 = T{i < {^2}). Then return 1 if 
Provei{A,rj) = _L for some j G {1,2}. Otherwise return T. 

(iv) If r is not ^-propagated: then there is a node i s.t. one of the following 
applies: 

(a) (a) A G r|i but inita : A ^ T\i. Then let V r{i < {inita : A}). 

(b) s : A G T\i and s G F, but A ^ r|i. Then let T' := r(i < {A}). 

(c) s : A e T\i, there is j s.t. i j and s -°^a t, but i : A ^ r|j. Then 
let r :=r(j < {t : A}). 

(d) s : A e T\i, there is j s.t. j i and s -°^a t, but i : A ^ r|j. Then 
let r :=r(i<{t:^}). 

Return Provei{A,T'). 

(v) If there is an internal node i in F that is not realised: Then there is [a] A G 
T\i such that ^ ^ r|j for every j s.t. i j. Let F' := r(i < (a){^}). 
Return Provei{A,T'). 

(vi) If there is a leaf node i that is not realised and is not a loop node: Then 
there is [a\A G r|i. Let T' := r{i <C ia){A}). Return Provei{A,r'). 

Fig. 3. An automata-based prove procedure. 

(i) If ^ G T\i then A^ ^ F|i. 

(ii) Ii AV B eT\i then A G T\i and B G T\i. 

(iii) If ^ A B G F| j then yl G F|i or B G T\i. 

T\i is realised if [a]A G F|i implies that there exists j such that i j and 
A G F|j. 

Definition 6.2 [^-propagation] Let A = (S, Q, I, F,5). A nested sequent F is 
said to be .A-propagated if for every node i in F, the following hold: 

(i) If (a) A G r\i then inita : A G F|i for any a G S. 

(ii) If s : ^ G F|i and s G F, then A G T\i. 

(iii) For all j, a, s and i, such that i >-° j and s t, ii s : A £ T\i then 
t:Ae T\j. 

(iv) For all j, a, s and t, such that j >-° i and s -^a t, if s : A £ T\i then 
t:Ae T\j. 

Definition 6.3 [^-stability] A nested sequent F is A-stable if 
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(i) Every node is saturated. 

(ii) r is ^-propagated. 

(iii) Every internal node is realised. 

(iv) For every leaf node i, one of the following holds: 

(a) There is an ancestor node j of i such that T\i = T\j. Wc call the node 
i a loop node. 

(b) T\i is realised (i.e., it cannot have a member of the form [a]^). 

The prove procedure for DKm(^) is given in Figure 3. Wc show that the 
procedure is sound and complete with respect to DKm(y^). The proofs of the 
following theorems can be found in the appendix. 

Theorem 6.4 If Provei{A,{F}) returns T then F is provable in DKm(^). 
If Provei{A, {F}) returns _L then F is not provable in DKm(^). 

Theorem 6.5 For every nested formula A, Provei{A, {A}) terminates. 

Corollary 6.6 The proof system DKm(^) is decidable. 

6.2 A grammar-based procedure 

The grammar-based procedure differs from the automaton-based procedure in 
the notion of propagation and that of a stable nested sequent. In the following, 
given a function 6 from labels to labels, and a list i = ii, . . . , i„ of labels, we 
write d{i) to denote the list 0{ii), . . . , 9{i„). We write [i := 0{i)] to mean the 
mapping [ii := 9{ii), . . . , i„ := 9{in)]. 

In the following definitions, S is assumed to be a context-free semi-Thue 
system over some alphabet S. 

Definition 6.7 [S'-propagation] Let F be a nested sequent. Let V — 
(S, Q, {i}, {j}, S) be a propagation automata, where Q is a subset of the nodes 
in F. We say that F is {S, V) -propagated if the following holds: {a) A S T\i and 
VPiLaiS) ^ imply A G V\j. F is S -propagated ii it is (S", 7^(F, i, j))-propagated 
for every node i and j in F. 

Definition 6.8 [S'-stability] A nested sequent F is S-stable if 

(i) Every node is saturated. 

(ii) F is S'-propagated. 

(iii) Every internal node is realised. 

(iv) Let be the list of all unrealised leaf nodes. There is a 
function A assigning each unrealised leaf node Xm to an ancestor X{xm) 
of Xm such that T\xm = r|A(a;,„) and for every node y and z, F is {S,V)- 
propagatcd, where V ~ 7?.(F, y, z)[x := A(a;)]. 

Now we define a non-deterministic prove procedure Prove2{S,T ,k) as in 
Figure 4, where k is an integer and S* is a context-free closed semi-Thue system. 
Given a nested sequent F, and a node i in F, the height of i in F is the length 
of the branch from the root of F to node i. The procedure Prove2{S,T, k) 
tries to construct a derivation of F, but is limited to exploring only those 
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Prove2{S, r, k) 

(i) If r = r'[p,^p\, return T. 

(ii) If r is S'-stable, return ±. 

(iii) If r is not saturated: 

• U Aw B eT\i hut A T\i or B ^ T\i, then let T' T{i < {A, B}) and 
return Prove2{S, T',k). 

• Suppose A1AA2 G r|i but neither Ai e r|i nor A2 G T\i. Let Ti = r(i < 
{^1}) and T2 = r(i <C {^2})- Then return ± if Prove2{SSj,k) = ± 
for some j G {1,2}. Otherwise return ★ if Prove2{S, Tj, k) = -k for some 
j G {1,2}. Otherwise return T. 

(iv) If r is not S'-propagated: then there must be nodes i and j such that 
{a)A G T\i and nlT,i,j)r\La{S) ^ 0, but A ^ T\j. Let F' := F^' < {A}). 
Return Prove2{S, F', fc). 

(v) If there is an internal node i in F that is not realised: Then there is [a] A G 
r|i such that A ^ F|j for every j s.t. i j. Let F' := F(j < (a){^}). 
Return Prove2{S, F', fc). 

(vi) Non-deterministically choose a leaf node i that is not realised and is at 
height equal to or lower than k in F: Then there is \a\A G F|i. Let 
F' := T{i < {a){A}). Return Prove2{S, F', k). 

(vii) Return 

Fig. 4. A grammar-based prove procedure. 

nested sequents derived from F that has height at most k. The procedure Prove 
given below is essentially an iterative deepening procedure that calls Prove2 
repeatedly with increasing values of k. If an input sequent is not valid, the 
procedure will try to guess the smallest S'-stable sequent that refutes the input 
sequent, i.e., it essentially tries to construct a finite countermodel. 

Prove(S, F) 

(i) k := 0. 

(ii) If Prove2{S, F, k) = T or Prove2{S, F, k) — _L, return T or ± respectively. 

(iii) k := k + 1. Go to step (ii). 

The procedure Prove gives a semi-decision procedure for context-free gram- 
mar logics. This uses the following lemma about S'-stable sequents, which shows 
how to extract a countermodel from an S-stable sequent. 

Lemma 6.9 Let S be a context-free closed semi-Thue system. If T is an S- 
stable nested sequent, then there exists a model 971 such that for every node x 
in F and for every A G V\x, there exists a world u! in ^ffl such that 9K, w ^ A. 

Theorem 6.10 Let S be a context-free closed semi-Thue system. For every 
formula F, Prove{S, {F}) returns T if and only if F is provable in DKm(S). 

We next show that Prove{S,T) terminates when S is regular. The key is 
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to bound the size of S'-stable scquents, hence the non-deterministic iterative 
deepening will eventually find an S'-stable sequent, when F is not provable. 

Theorem 6.11 Let S he a regular closed semi-Thue system over an alphabet 
S. Then for every formula F, the procedure Prove{S, {F}) terminates. 

The proof relies on the fact that there exists a minimal FSA A encoding S, 
so one can simulate steps of Provei{A, {F}) in Prove{S, {F}). It is not difficult 
to show that if a run of Provei{A, {F}) reaches a .4-stable nested sequent F', 
then one can find a k such that a run of Prove2{S, {F}, k) reaches a saturated 
and S-propagated nested sequent A, such that F' and A are identical except 
for the labeled formulae in F'. The interesting part is in showing that A is 
S'-stable. The details are in the appendix. 

The following is then a corollary of Theorem 6.10 and Theorem 6.11. 

Corollary 6.12 Let S be a regular closed semi-Thue system over an alphabet 
S. Then the procedure Prove is a decision procedure for DKm(S). 

7 Conclusion and future work 

Nested sequent calculus is closely related to display calculi, allowing us to ben- 
efit from well-studied proof theoretic techniques in display calculi, such as Bel- 
nap's generic cut-elimination procedure, to prove cut-elimination for SKm(S). 
At the more practical end, we have established via proof theoretic means that 
nested sequent calculi for regular grammar logics can be effectively mechanised. 
This work and our previous work [12,14] suggests that nested sequent calculus 
could potentially be a good intermediate framework to study both proof theory 
and decision procedures, at least for modal and substructural logics. 

Nested sequent calculus can be seen as a special case of labelled sequent 
calculus, as a tree structure in a nested sequent can be encoded using labels 
and accessibility relations among these labels in labelled calculi. The relation 
between the two has recently been established in [24], where the authors show 
that, if one gets rid of the frame rules in labelled calculi and structural rules 
in nested sequent calculi, there is a direct mapping between derivations of 
formulae between the two frameworks. However, it seems that the key to this 
connection, i.e., admissibility of the frame rules, has already been established 
in Simpson's thesis [25] , ^ where he shows admissibility of a class of frame rules 
(specified via Horn clauses) in favor of propagation rules obtained by applying 
a closure operation on these frame rules. The latter is similar to our notion 
of propagation rules. Thus it seems that structural rules in (shallow) nested 
sequent calculus play a similar role to the frame rules in labelled calculi. We 
plan to investigate this connection further, e.g., under what conditions the 
structural rules are admissible in deep inference calculi, and whether those 
conditions translate into any meaningful characterisations in terms of (first- 
order) properties of frames. 



^ Simpson's results are shown for intuitionistic modal logics, but it is straightforward to 
apply the techniques shown there to classical modal logics 
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The two decision procedures for regular grammar logics we have presented 
are not optimal. As can be seen from the termination proofs, their complexity 
is at least EXPSPACE. We plan to refine the procedures further to achieve op- 
timal EXPTIME complexity, e.g, by extending our deep nested sequent calculi 
with "global caching" techniques from tableaux systems [15]. 
Acknowledgment The authors would like to thank an anonymous reader of 
a previous draft for his/her detailed and useful comments. The first author is 
supported by the Australian Research Council Discovery Grant DP110103173. 
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A Proofs 

Theorem 2.5. A formula F is S"- valid iff F is provable in Km(S'). 

Proof. The soundness and completeness proofs follow the same proofs in [1] 
for axiomatisations of grammar logics without converse. The soundness proof 
is quite straightforward so we omit them. For the completeness proof, it is 
enough to show that the construction of canonical models in [1] additionally 
satisfies the residuation axiom, and the rest of the proof is the same. The 
canonical models are defined using the notion of maximal consistent sets. A 
formula A is said to be consistent if -^A is not provable in Km(S'). A finite 
set of formulae is consistent if the conjuction of all of them is consistent, and 
an infinite set is consistent if every finite subset of it is consistent. A set of 
formulae iS is maximally consistent if it is consistent and for every formula 
A, either A € S oi ^A S S. Following [1], it can be shown that a maximal 
consistent set S satisfies, among others, the following: 

• There is no formula A such that A ^ S and —■A G <S. 

• If ^ G 5 and A D B e 5 then B eS. 

• If A is provable in Km(S') then A e 5. 

We now define the canonical model 9Jlc — {W, {-RajaeE, V) as follows: 

• W is the set of all maximal consistent sets. 

• For every a e S, i?a — {{w,!!]') \ Wa C w'} where Wa = {A \ [a\A G w}. 

• For each prepositional variable p, V(p) = {w \ p ^ w}. 

It is enough to show that Ra = i.e., that Ra is the inverse of Ra- This is 
proved by contradiction. 

Suppose otherwise, i.e., there exists w and w' such that {w,w') £ Ra but 
{w' , w) ^ Ra- This means that there exists [a] A G w' such that A ^ w. Because 
w is maximally consistent, we have -lA G w. Since we have an instance of the 
residuation axiom -^A D [a](a)^A G w and since maximally consistent sets are 
closed under modus ponens, we also have [a]{a)-iA G w. Because (w,w') G Ra, 
the latter implies that (a)— 'A G w' . But this means {a)^A = -^{[a]A) G w' , 
contradicting the consistency of w' . The rest of the proof then proceeds as in 
[1] (Chapter II). Briefiy, one shows that for every w and A, if A G w then 
dJlc,w 1= A. Now if A is 5- valid but not provable in Km(S'), then -i-iA is 
not provable cither. This means -^A is in some maximal consistent set w, and 
therefore DJlc, w \= ^A, and 9Jlc, w ^ A, contradicting the validity of A. □ □ 
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Theorem 3.2. The system SKm(5) and Km(S') are equivalent. 

Proof. ( Outline). In one direction, from SKm(5) to Km(S'), we show that, for 
each inference rule of SKm(S'), if the formula interpretation of the premise(s) 
is valid then the formula interpretation of the conclusion is also valid. For 
the converse, it is enough to show that all axioms of Km(S') are derivable in 
SKm(S'). It can be shown that both the residuation axioms and the axioms 
generated from S can be derived using the structural rules r and p{S). For 
example, suppose S contains the axiom [a] D [c] [d\p. Then the (nnf of the) 
axiom can be derived as shown in the figure on the right (where a double-line 
indicates one or more application of rules): 

{h){{a){ }},^p,p 

{a){ },(6){^p,ri ' 
{a){ },(b)^p,(6)M ^ ^ 

{a){{b)^p,{b){p}] ' 
{a){b)^p,{a){{b){p}} 
(6){(a){(a)(6)^p}},p ' 

{d){{mo^){h)^P}},P 
(c-){(a)(b)^p},(d)M \ 

{c){{a){b)^p}M]p 
{a){b)^p, {c){[d]p} [ 
{a){b)^p,[c][d]p 



{a){b)^pV[c][d]p 



□ 



Lemma 4.5. The rule r is height-preserving admissible in DKm(5). 

Proof. Suppose 11 is a derivation of F, (a){A}. We show by induction on |n| 
that there exists a derivation 11' of (a){F}, A such that |n| = |n'|. This is mostly 
straightforward, except for the case where 11 ends with a propagation rule. In 
this case, it is enough to show that the propagation automata for F, (a){A} is 
in fact exactly the same as the propagation automata of (a){F}, A. □ 

Lemma 4.7. The rules actr and to are height-preserving admissible. 

Proof. Admissibility of actr is trivial. To show admissibility of to, the non- 
trivial case is when we need to permute to over ps- Suppose 11 is a derivation 
of F[(a){Ai}, (a){A2}] ending with a propagation rule. Suppose i is the node 
where Ai is located and j is the node where A2 is located. If 'P is a propagation 
automata between nodes k and / in F[(a){Ai}, (a){A2}], then ■p[j :— i] is a 
propagation automata between nodes k[j := i] and l[j := i] in F[(a){Ai, A2}]. 
So all potential propagations of diamond formulae are preserved in the con- 
clusion of TO. So TO can be permuted up over the propagation rule and by the 
induction hypothesis it can be eventually eliminated. □ 
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Lemma 4.9. The structural rules p{S) of SKm(S') arc height-preserving ad- 
missible in DKni(S'). 

Proof. Suppose 11 is a derivation of r[(a){A}]. We show that there is a deriva- 
tion n' of r[(u){A}], where m = ai • • • a„ such that a ^ u € S. This is mostly 
straightforward except when 11 ends with a propagation rule. Suppose the hole 
in r[ ] is located at node k and A is located at node I, with k y'^ I. In this case 
we need to show that if a diamond formula {b)A can be propagated from a node 
i to node j in r[(a){A}] then there is also a propagation path between i and 
j in r[(u){A}] for the same formula. Suppose Vi is the propagation automata 
7i{T[{a){A}],i,j). Then the propagation automata V2 ~ 7^(r[(w){A}], i, is 
obtained from Vi by adding n — 1 new states fci, . . . , fc„_i between k and I, 
and the following transitions: k fci, ki fcm+i, for 2 < m < n and 

kn-i I, and their dual transitions. 

Suppose i — % j is a propagation path in r[(a){A}] . If v does not go through 
the edge k )~°' I (in either direction, up or down) then the same path also exists 
in r[(w){A}]. If it does pass through k /, then the path must contain one 
or more transitions of the form k I or I — % k. Then one can simulate 
the path i — ^ j with a path i j in V2, where v' is obtained from v by 
replacing each k — ^ I with k — ^ I and each / — ^ k with / — ^ k. It remains 
to show that w' G 7^2 H Lb{S). But this follows from the fact that a — )• m £ 5 
and a ^ li E S (because S* is a closed), so v =^5 v' £ Lb{S). □ 

Theorem 4.10. For every context-free closed semi-Thue system S, the proof 
systems SKm(S') and DKm(S') are equivalent. 

Proof. One direction, from SKm(S') to DKm(S') follows from the admissibility 
of structural rules of SKm(S') in DKm(S'). To show the other direction, given a 
derivation 11 in DKm(5), we show, by induction on the number of occurrences 
of ps, with a subinduction on the height of 11, that 11 can be transformed 
into a derivation in SKm(5). As rules other than ps can be derived directly in 
SKm(S'), the only interesting case to consider is when 11 ends with ^5: 

T\{a)AUA]^ 

nia)Am -here7^(^[Mb,^,,)nM5)^0 

and r[(a)A]i[^]j is derivable via a derivation 11' in DKm(S'). Choose some 
u G 7^(r[ ]i[ n La{S). Then we can derive the impHcation {u)A D (a) A 

in SKm(S'). Using this implication, the display property and the cut rule, it 
can be shown that the following rule is derivable in SKm(S'). 

n{a)A,{u)A] 
T[{a)A] 

Then we show that the rule ps can be simulated by the derived rule d 
above, with chains of (a)-rules in SKm(5), and utilising the weakening lemma 
(Lemma 4.4). 
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Suppose u ~ ai ■ ■ ■ a„. Then there arc nodes si, . . . , s„ in r[]i[]j, with si — i 
and s„ = J, such that the foUowing is a path in the propagation automaton 

I ^ Si > S2 > ■ ■ ■ Sn-1 > Sn= J 

Now instead of propagating A using ps apphed to (a) A, we can propagate A in 
stages using {u)A and the diamond rules (ai), . . . , (a„). Let r'[]i[]j be a context 
obtained from r[]i[]j by adding the formula (ai) ■ • ■ (a„_fc+i)A to node s^, for 
each 1 < fc < ri. Then it can be shown, by induction on n, that we have a 
derivation 

r[{a)A, {u)AUA], 
r[{a)A,{u)Am, 

in DKm(S') using only the diamond rules (ai), . . . , (a„). Note that as these 
are diamond rules, not ps, they can be simulated in SKm(S'), so the above 
derivation can be simulated as well in SKm(S'). By the weakening lemma 
(Lemma 4.4), we can construct a derivation ^' of r'[{a)A, {u)A]i[A]j, such that 
the height of 11' is the same as ^P. So by the induction hypothesis we have a 
derivation of r'[(a)A, {u)A]i[A]j in SKm(S'). The final derivation in SKm(S') 
is thus constructed by chaining the above derivations: 

r'[(a)A, {u)AUA], 
T[{a)A{u)Am, 

□ 

Theorem 5.2. Let S" be a regular closed semi-Thue system over E and let 
^ be a FSA representing the regular language generated by S and S. Then 
DKm(5) and DKm(^) are equivalent. 

Proof. (Outline). To show that if a formula B is provable in DKm(5) then 
B is provable in DKm(v4) we will demonstrate that given a proof of B in 
DKm(5) it is possible to replace the highest application of a propagation rule 
from DKm(S') with a sequence of propagation rules from DKm{A). As all non- 
propagation rules between the two systems are identical, this will be sufficient 
to show that a proof in DKm(S') can be translated to a proof in DKm(^). 

Suppose we have a derivation H of r[(a)y4]i[A]j using only the rules of 
DKm. If Ps is applicable and yields r[(a)A]i[0]j, it must be the case that 
TZ{r[]i[]j,i,j) n La{S) ^ 0. Therefore there exists a sequence of transitions in 

7^(r[ ]i[ i h ■ ■ ■ in-i j, where ai ■ • • a„ e La{S) and 

where each ik, for l<fc<n — 1, isa node in r[ ];[ ]j and 

• either i y"-^ ii or ii y"-'^ i, 

• either i^-i ik or ik >-"''' ik-i, for 2 < fc < n — 1 
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• and cither j or j )-°" in-i- 

Since A accepts La{S), there must exist a sequence of transitions in A such 
that: inita si ■ • • Sn-i — ^ /, where / is a final state in A. The 
propagation path ai ■ ■ ■ a„ can then be simulated in DKm(^) as follows. First, 
define a sequence of nested sequents as follows: 

. To := r[(a)A],[0]„ Ti := ^[(a)A,^m^, : A],;[0],. 

. Tk+i := Tk{ik < {sk ■■ A}), for 1 < fc < n - 1. 

. r„+i := r„(j « {/ : A}) and r„+2 := r„+i(j « {A}). 

Then Fq can be obtained from F„+2 by a series of applications of propagation 
rules of DKm(^). That is, Fo is obtained from Fi by applying the rule i; Tk 
is obtained from Tk+i by applying either the rule or fl, for 1 < A: < n — 1, 
at node ik and F„ is obtained from F„+i by applying the rule or at node 
j, and F„+i is obtained from F„+2 by applying the rule / at node j. Note that 
F„+2 is a weakening of F[(a)A]i[A]j with labeled formulae spread in some nodes 
between i and j. It remains to show that F„+2 is derivable. This is obtained 
simply by applying weakening (Lemma 4.4) to FI. 

For the other direction, assume we have a DKm(yl)-derivation 5* of B. We 
show how to construct a derivation of B in DKm(S'). The derivation 'i' is 
constructed as follows: First, remove all labelled formulae from ^f; then remove 
the rules tX, tl and i, and finally, replace the rule / with ps- The rules ifi 
and i from ^' simply disappear in 5*' because with labelled formulae removed, 
the premise and the conclusion of any of the rules in map to the same sequent 
in 4"'. Instances of the other rules in 4* map to the same rules in We need 
to show that ^' is indeed a derivation in DKm(S'). The only non-trivial case 
is to show that the mapping from the rule / to the rule ps is correct, i.e., the 
resulting instances of ps in 4*' arc indeed valid instances. 

We first prove an invariant property that holds for We say that a nested 
sequent A is A- connected iff the following hold 

• If inita --C e A\i then {a)C e A\i. 

• li s : C € A\i and s is not an initial state of A, then there exists an a G S 
and a sequence of nodes Xi, . . . , Xn in A and a sequence of states si, . . . , 
of A such that 

• Sk ■■ C e A\xk for 1 < A: < n. 

• si = inita and Xn = i- 

■ For each 1 < fc < n, Sfc Sk+i for some 6 G S, and either Xk Xk+i 

or Xk+i >--^ Xk- 
It is then easy to verify the following claim: 

Claim: If A is yl-connccted and there is a derivation S of A in DKm(^), 
then every nested sequent in S is ^-connected. 

Given the above claim, and the fact that the nested sequent {B} is trivially 
^-connected, it follows that every nested sequent in 5' is ^-connected. Now, 
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it remains to show each instance of / in ^ can be replaced by a valid instance 
oi ps in Suppose there is an instance of / in ^E* as shown below left: 

rls:A,A], r"[{a)AUA], 
r[s:A], ^ r"[(a)A],[0], ' 

Then we by the above claim, there must exist a node i and an a G E such that 
{a) A G T[s : A]j\i and that there exist a sequence of nodes i = xi, . . . , x„ = j 
and a sequence of states inita ~ si, . . . , s„ = s such that si ^2 --^A 

■ ■ ■ A Sn for some ai, . . . ,a„_i. It also follows from ^-connectedness that 
ai ■ ■ ■ a„_i is an element of the propagation automata i?(r[s : A]j, i,j). Because 
A represents the regular languages {Li,{S) \ b € E}, we have that ai • ■ • a„_i G 
La{S), and 

ai---a„-i e La{S)nR{r[s : A]j,i,j). (A.l) 

Let r'[{a)A]i[s : A]j = T[s : A]j. Let r"[ ]i[ ]j be the context obtained from 
r'[ ]i[ ]j by removing all labelled formulae. Then (A.l) can be rewritten as: 

ai ■ • ■ a„_i e La{S) n i?,(r"[(a)A],[0]„ z, j). 

Thus the propagation instance ps shown above right, to which the above in- 
stance of / maps to. is indeed a valid instance oi ps- n 

Theorem 6.4. If Provei{A,{F}) = T then F is provable in DKm(y^). If 
Provei{A, {F}) = 1. then F is not provable in DKm(^). 

Proof. The proof of the first statement is straightforward, since the steps of 
Provei are just backward applications of rules of DKm(^). To prove the second 
statement, we show that if Provei{A, {F}) ~ 1. then there exists a model 
DJl = {W,R, V), where R = {Ra}a£S, such that DJl y= F. By the completeness 
of DKm(^), it will follow that F is not provable in DKm(^). 

Since Provei{A, {F}) = _L the procedure must generate an ^-stable A, 
with F in the root node of A. Let W be the set of all the realised nodes of 
A. For every pair i,j G W, construct an automaton P{i,j) by modifying the 
propagation automaton TZ{A,i,j) by identifying every unrealised node k' with 
its closest ancestor k such that A|fc — A\k'. That is, replace every transition of 
the form s k' with s — ^ k and k' s with k — ^ s. Then define Ra{x, y) 
iff V{x, y) n L{Aa) ^ 0, where Aa is A with only inita as the initial state. 

Suppose 5 is a closed semi-Thue system that corresponds to A. Then 
L{Ab) = Lb{S) for every 6 G E. We first show that the E-frame {W,R) de- 
fined above satisfies all the production rules in S (see Definition 2.2). Let 
a — > u G 5, where u = ai---a„. We need to show that i?„ C R^. Sup- 
pose otherwise, that is, there is a sequence of worlds xi, . . . ^ Xn+i such that 
XiRa^Xi^i but (a:i,x„+i) ^ Ra- By the above construction, we have Rb{x,y) iff 
V{x,y) nLbiS) ^ for every 6 G E. So it follows that, for each pair {xi,Xi+i), 
there is a string m G Ti{xi,Xi+i) fl Lai{S). It also follows that we have a se- 
quence of transitions xi — ^" Xn+i in V{xi, a;„_|_i), by chaining the transitions 
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Xi — ^ Xi^i together. Because a ^ u E S, and each Ui G Lai{S), we have 

a ai ■ ■ ■ an ^ ui ■ ■ - Un e La{S). 

So ui • • • M„ is in Ti{A,xi,Xn+i) H La{S), and therefore {xi,Xn+i) G Ra, con- 
tradicting the assumption. 

To complete the model, let x € V{p) iff -ip G A\x. We claim that for every 
X &W and every A G A|a;, we have 9JI, a: j^^ A. We shall prove this by induction 
on the size of A. Note that we ignore the labelled formulae in A; they are just 
a bookeeping mechanism. As F is in the root node of A, this will also prove 
3Jl \^F. We show here the interesting case involving the diamond operators. 

Suppose (a) A G A\x. Assume for a contradiction that 9K, x \= (a) A. That 
is, Ra{x,y) and y \= A. If Ra{x,y) then there is a accepting path pa{x,y) 
in P{x,y) of the form: xq — ^ xi X2 ■ ■ ■ Xn-i — ^ Xn, where xq = x and 
Xn = y such that u = ai . . . a„ G L{Aa)- Then because u G L{Aa), there must 
be a sequence of states sq, si, . . . , Sn of „4 such that sq = inita G / and s„ G F 
and the transitions between states 

ai a2 Ati 
So > Si ^ S2 • • • Sn-1 ^ S„. 

We show by induction on the length of transtions that that : A G A|xi for 
< i < n. In the base case, because (a)A G A|x, by ^-propagation, we have 
Sq : A £ A|xo. For the inductive cases, suppose Si : A £ A.\xi, for n > i > 0. 

There are two cases to consider. Suppose the transition Xi —^-pix.y) a^i+i is 
present in TZ{A,x,y). Then either Xi Xi^i or x^+i Xi. In either 

case, by ^-propagation of A, we must have s^+i : A G Ajx^+i. 

If Xi —^'p{x,y) Xi+i is not a transition in TZ{A,x,y), then this transition 
must have resulted from a use of a loop node. There are two subcases: either 
Xi or Xi+i is the closest ancestor of a loop node x' with A\xi = A\x' or, 
respectively, Ajzi+i = A|a;'. Suppose Xi is the closest ancestor of x' with A\xi = 
A\x' . By the definition of V{x, y), this means we have x' Xi+i in TZ{A, x, y). 
Because A\xi = A\x' and Si : A £ A|xi, we have Si : A £ A\x' . Then by A- 
propagation, it must be the case that s^+i : A G A|xi+i. Suppose Xi^i is the 
closest ancestor of x' with A|a;' = A|.Ti+i. Then Xi x' is a transition in 
TZ{A,x,y). By ^-propagation, it must be the case that s^+i : A G A|a;', and 
therefore also s^+i : A G A\xi+i. 

So we have s„ : A G Ajy. But, again by ^-propagation, this means A G 
A\y (because s„ is a final state). Then by the induction hypothesis, we have 
971,2/17^^4, contradicting the assumption. □ 

Theorem 6.5. For every nested formula A, Provei{A, {A}) terminates. 

Proof. ( Outline) We say that a nested sequent F is a set-based nested sequent 
if in every node of F, every (labelled) formula occurs at most once (a formula C 
and its labelled versions are considered distinct). By inspection of the procedure 
Provei , it is clear that all the intermediate sequents created during proof search 
for Provei{A, {A}) are set-based sequents. 
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Steps (i) - (iv) of the procedure only add (strict) subformulae of formulae 
occurring in the input sequent without creating new nodes, so for a given input 
nested sequent, applications of these steps eventually terminate. Because of 
the blocking conditions in each step, the same formula cannot be added twice 
to a node, so the upper bound of the size of a node (i.e., the number of formulae 
in it) is the cardinality of the set of all subformulae in the input sequent, plus 
all their possible labellings (which is finite because A has only a finite number 
of states). 

Step (v) is applicable only to internal nodes which are not realised. So the 
expansion of the nested sequent tree in this case adds to the width of the tree, 
not the height. It is easy to see that the number of branches in an internal 
node is bounded by the number of distinct 'boxed' subformulae in the original 
sequent, so this expansion step cannot be applied indefinitely without applying 
step (vi), as the number of distinct boxed subformulae is bounded and no 
new internal nodes are created. So the combination of steps (i) - (v) always 
terminates for a given input sequent. The only possible cause of termination 
is if step (vi) can be applied infinitely often. We next show that this is not the 
case. 

The expansion in step (vi) adds to the height of the input nested sequent 
tree. Because of the loop checking condition in the step, the height of the trees 
generated during proof search is bounded; we give a more precise bound next. 
Let m be the number of states in A and let n be the number of subformulae of A. 
Then the total number of different sets of formulae and labeled formulae (with 
labels from A) is bounded by 2('"+i)". Therefore, any set-based nested sequent 
generated during proof search will not cross this bound without creating a loop 
node. As the height of the trees generated during proof search is bounded, 
and the number of branches at each node of the trees is also bounded, there 
are only finitely many possible nested sequent trees that can be generated in 
each branch of the proof search. Note that every recursive call in the proof 
procedure adds something to the input nested sequent, so every branch in the 
proof search generates pairwise distinct (set-based) nested sequents. As the 
number of possible set-based nested sequents is bounded, the depth of the 
search is bounded, and because the branching in proof search is also bounded 
(i.e., it is a binary branch, created when applying the rule in step (iii)), the 
search tree must be finite, and thefore the search procedure must terminate. □ 

Lemma 6.9. Let 5* be a context-free closed semi-Thue system. If F is an 
S'-stable nested sequent, then there exists a model DJl such that for every node 
a; in F and for every A S T\x, there exists a world w in 93t such that DJl, w ^ A. 

Proof. Let be the list of (pairwise distinct) unrealised leaf 

nodes in F. Because F is S'-stable, we have a function A assigning each unrealised 
leaf node Xi to an ancestor node X{xi) such that T\xi = F|A(a;i), and for 
every node y and z in F, we have that F is (5, 7'(y, z))-propagated, where 
Viy,z) = TZ{T,y,z)[x A(a;)]. Then define 931 = {W,{Ra \ a € T.},V) where 

• W is the set of nodes of F minus the nodes x, 
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• for every x,y eW, Ra{x, y) iff y) n La{S) ^ 0, and 

• y{p) = {x eW ^ T\x]. 

Wc now show that if A G T\v then there \s a.w such that 9Jl, w A, where 
the world w is determined as fohows: if v is in x, then w = X{v)\ otherwise, 
w = V. We prove this by induction on the size of A. The only interesting cases 
are those where A= {a)C or A = [a]C for some a and C. 

• Suppose A = {a)C. Suppose, for a contradiction, that SJl, \= {a)C. That 
means there exists a w' such that Ra{w, w') and 971, w' |=: C. By the definition 
of Ra, wc have that Viw, w') D La{S) ^ 0. Because F is S'-stable, by Defini- 
tion 6.8(iv), it is (S*, 7-'(u', u)'))-propagated. This means that C G r\w' . Then 
by the induction hypothesis, 971, w' ^ C, which contradicts our assumption. 

• Suppose A ~ [a]C. To show 971, w ^ [a]C, it is enough to show there exists 
w' such that Ra{w,w') and DJl,w' ^ C. 

Note that w must be an internal node in F, so by the S'-stability of F, node 
w in F must be realised. Therefore there exists a node z such that w "^"^ z 
in F and C € F|z. li z ^ x, then let w' = z; otherwise, let w' = X{z). In 
either case, r\z = Fjiu'. so in particular, C € F|w'. Also, in either case, the 
propagation automata V{w,w') contains a transition w ---^■p{w,w') (in 
the case where z G x, this is because X{z) is identified with z). Obviously, 
a € La{S), so La{S) n V{w,w') ^ 0, so by the definition of Ra, we have 
Ra{w,w'). Since C € Fjui', by the induction hypothesis, DJl,w' ^ C. So we 
have Ra{w,w'), and 971, w' ^ C, therefore 971, ^ [a]C. 

□ 

Theorem 6.10. Let 5* be a context-free closed semi-Thue system. For every 
formula F, Prove{S, {F}) returns T if and only if F is provable in DKm(S'). 

Proof. (Outline) One direction, i.e., Prove{S, {F}) = T implies that F is 
provable in DKm(iS'), follows from the fact that steps of Prove are simply 
backward applications of rules of DKm(S'). To prove the other direction, we 
note that if F has a derivation in DKm(S'), it has a derivation of a minimal 
length, say IL. In particular, in such an derivation, there are no two identical 
nested sequents in any branch of the derivation. Because in DKm(S') each 
backward application of a rule retains the principal formula of the rule, every 
application of a rule in 11 will eventually be covered by one of the steps of Prove. 
Since there are only finitely many rule applications in 11, eventually these will 
all be covered by Prove and therefore it will terminate. For example, if 11 ends 
with a diamond (propagation) rule applied to a non-saturated sequent, the 
Prove procedure will choose to first saturate the sequent before applying the 
propagation rule. Since all rules are invertible, we do not lose any provability 
of the original sequent, but the Prove procedure may end up doing more steps. 
We need to show, additionally, that every sequent arising from the execution of 
Prove{S, {F}) is not S'-stable. Suppose otherwise, i.e., the procedure produces 
an 5-stable sequent A. Now it must be the case that F is in the root node 
of A. By Lemma 6.9, this means there exists a countermodel that falsifies F, 
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contrary to the validity of F. □ 

Theorem 6.11. Let S* be a regular closed semi-Thue system. Then for every 
formula F, the procedure Prove{S, {F}) terminates. 

Proof. Since S is regular, there exists an automaton A such that 
Provei{A, {F}) terminates. We choose the minimal deterministic finite state 
automaton A that corresponds to S. 

Suppose Provei{A, {F}) = T. Then F must be derivable in DKm(^) 
by Theorem 6.4. Since DKm(^) and DKm(S') are equivalent (Theorem 5.2), 
there must also be a derivation of F in DKm(S'). Then by Theorem 6.10, 
Prove{S, {F}) must terminate and return T. 

Suppose Provei{A,T) = _L. Then there exists an ^-stable F' that can be 
constructed from F in the execution of Provei{A, F). It can be shown that a 
A that is identical to F' without any labelled formulae can be constructed in 
the execution of Prove2{S, F, d) for some d. We claim that A is S'-stable. Sat- 
uration, propagation and the realisation of internal nodes follow immediately 
from the construction, it remains to find a function A as in Definition 6.8. We 
claim that such a function is given by X{x) = y where y is the closest ancestor 
of X in F' such that F'|.t = F'|y. That is, we identify each unrealised leaf with 
the same node it would have been identified with in Provei{A,T). 

Let i = ii, . . . ,iihe the list of all unrealised leaf nodes in A and let V{x, y) = 
TZ{A, X, y)[i := A(i)]. (Note that as the tree structures of F' and A are identical, 
we also have V{x,y) = TZ{T',x,y)[i := A(i)].) For a contradiction, suppose 
there exists j and k such that A is not {S,V{j, fc))-propagatcd, i.e., there exist 
(a) A G A\j, such that A ^ A\k but P{j, k)nLa{S) ^ 0. In other words, there is 
a word 6i . . . fe„ S P(j, fc) nLa(S'), and a sequence of states xq, . . . , x„ in P{j, k) 

such that xq ~ j,Xn ~ k,x„i-i —^v{j,k) Xm, where 1 < m < n. We will show 
that there exists a function St assigning states of A to nodes of F' satisfying: 

St[xo) e /, St{xm-i) St{xm), St{xn) G F, and St{xm) ■■ A G T'\x„i. 

This will establish that St{xn) : A G F'|.t„ where St{xn) G F. Then by A- 
propagation, it will follow that A G T'\k, and therefore A G A|fc, contradicting 
our assumption that A ^ A\k. 

Let So, • . • , Sn be the run of associated with input 6i . . . &„. Let St{xm) = 
Sm- As L{Aa) = La{S), we know that sq, . . . , s„ is an accepting run. This gives 

us St{xo) G I,St{xm-i) --^A St{xm) and St{xn) G F. It remains to show 
that St(xrn) '■ A G T'\xm- We will do so by induction on m. 

Base case: As {a) A G F'|xo, by ^^-propagation we obtain sq ■ A ^r'\xo. 

Inductive case: Suppose Xm —^vu.k) Xm+i- By the inductive hypothesis, 
Sm ■ A G F'|a;,„. There are two cases to consider: 

• The transition Xm ~^'P{j,k) Xm+i also exists in TZ{T',j,k). In this case, by 
^-propagation, we have Sm+i ■ A G T'\xrn+i- 

• The transition Xm ~^'P{j,k) Xm+i is obtained from TZ(T'^j,k) through the 
identification of unrealised leaf nodes with their closest ancestors. There are 
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two subcases: 

• Xm = A(?/) for some unrealised leaf node y such that T'\xm = r'|y, and 

y ^^■R{V',],k) Xra+i- Siucc T'l^^ = T'\y, we have that : A e T'\y and 
it follows by ^-propagation that Sm+i '■ A £ T'\xra+i- 
■ Xm+i = ^{y) for some unrealised leaf node y such that that r'|a:;,„-)_i = r'|y, 

and x,n ^^TZ{r',].k) V- By ^propagation, s^+i : A e T'\y = r'|xm+i. 

Thus when Prove{S^T) calls Prove2{S,T, d), it will construct an S'-stable 
sequent and terminate. □ 



